<!DOCTYPE html>
<html>
<head>
    <meta charset="utf-8">
    <title></title>
</head>
<body>
<?php 
    require_once('./system/dbConn.php');
    connect();
    $old=$_POST["old"];
    $new1=$_POST["new1"];
    $new2=$_POST["new2"];
    //取数据空中的原密码
    session_start();
    $username=$_SESSION["username"];
    $sql="select password from users where uname='$username'";
    $result=mysql_query("$sql");
    $row=mysql_fetch_assoc($result);
    if (strcmp(md5($old), $row["password"])!=0) {//从数据空取得的密码和表单中输入的进行比对
        header("localtion:changePassword.php?msg1=原密码输入错误");
    }
    else if (strcmp($new1, $new2)!=0) {
        header("localtion:changePassword.php?msg2=新密码和确认新密码不一致");
    }
    else{
        //数据空更新  修改密码
        $sql1="update users set password=md5('$new1') where uname='$username'";

        $result1=mysql_query($sql1);
        if ($result1==1) {
            echo "密码修改成功";
            header("refresh:3;url='index.php'");
        }
        else{
            echo "密码修改失败";
        }

    }

 ?>
</body>
</html>

   

